Microsoft’s Changes to FPE 2010 and How it Affected Exchange 2013

As email administrators try the new version of Microsoft Exchange, they are learning that upgrading to Exchange 2013 is not possible on autopilot especially if you are using Microsoft Forefront for security.

Microsoft made changes to their security offerings when they discontinued sales of Forefront for Protection Exchange 2010 (FPE) in favor of a lightweight built-in, anti-malware filter in Exchange 2013. However, there is confusion on what was available with FPE and what is now included with Exchange 2013. See the enclosed table for some clarity:

The changes are forcing customers to re-evaluate their security strategy as they think about migrating to Exchange 2013. There are two primary reasons leading organizations have been increasing rather than decreasing their email security:

NOTE: Email is key to blocking attacks before they reach their intended target and in light of these two factors, now is the time for more email security, not less.

Trend Micro’s solution overcomes the limitations of Exchange 2013 anti-malware and adds additional security protections for phishing and targeted attacks. ScanMail Suite for Microsoft Exchange, works with on-premise Exchange servers and can filter Exchange 2013 email traffic in real-time and stored in the mailstore (even though VSAPI was removed from Exchange 2013). It goes beyond standard pattern detection of malware and uses reputation checks for attachments, URLs, and email senders. To detect zero day threats and unknown malware it looks for document exploits and can open attachments in a virtual sandbox for dynamic analysis. Often during sandbox analysis, new threat information such as C&C server locations can be discovered and shared with network and endpoint security layers to further enhance your overall protection.

If you’re looking to increase your email security as you move to Exchange 2013, you can download a free trial of ScanMail from Trend Micro’s website at www.TrendMicro.com.